/**
* @file rte_ipsec_sa.h
- * @b EXPERIMENTAL: this API may change without prior notice
*
* Defines API to manage IPsec Security Association (SA) objects.
*/
uint8_t proto; /**< next header protocol */
} trs; /**< transport mode related parameters */
};
-
- /**
- * window size to enable sequence replay attack handling.
- * replay checking is disabled if the window size is 0.
- */
- uint32_t replay_win_sz;
};
/**
RTE_SATP_LOG2_MODE,
RTE_SATP_LOG2_SQN = RTE_SATP_LOG2_MODE + 2,
RTE_SATP_LOG2_ESN,
- RTE_SATP_LOG2_NUM
+ RTE_SATP_LOG2_ECN,
+ RTE_SATP_LOG2_DSCP
};
#define RTE_IPSEC_SATP_IPV_MASK (1ULL << RTE_SATP_LOG2_IPV)
#define RTE_IPSEC_SATP_ESN_DISABLE (0ULL << RTE_SATP_LOG2_ESN)
#define RTE_IPSEC_SATP_ESN_ENABLE (1ULL << RTE_SATP_LOG2_ESN)
+#define RTE_IPSEC_SATP_ECN_MASK (1ULL << RTE_SATP_LOG2_ECN)
+#define RTE_IPSEC_SATP_ECN_DISABLE (0ULL << RTE_SATP_LOG2_ECN)
+#define RTE_IPSEC_SATP_ECN_ENABLE (1ULL << RTE_SATP_LOG2_ECN)
+
+#define RTE_IPSEC_SATP_DSCP_MASK (1ULL << RTE_SATP_LOG2_DSCP)
+#define RTE_IPSEC_SATP_DSCP_DISABLE (0ULL << RTE_SATP_LOG2_DSCP)
+#define RTE_IPSEC_SATP_DSCP_ENABLE (1ULL << RTE_SATP_LOG2_DSCP)
+
/**
* get type of given SA
* @return
* SA type value.
*/
-__rte_experimental
uint64_t
rte_ipsec_sa_type(const struct rte_ipsec_sa *sa);
* - Actual size required for SA with given parameters.
* - -EINVAL if the parameters are invalid.
*/
-__rte_experimental
int
rte_ipsec_sa_size(const struct rte_ipsec_sa_prm *prm);
* - -EINVAL if the parameters are invalid.
* - -ENOSPC if the size of the provided buffer is not big enough.
*/
-__rte_experimental
int
rte_ipsec_sa_init(struct rte_ipsec_sa *sa, const struct rte_ipsec_sa_prm *prm,
uint32_t size);
* @param sa
* Pointer to SA object to de-initialize.
*/
-__rte_experimental
void
rte_ipsec_sa_fini(struct rte_ipsec_sa *sa);
git.droids-corp.org / dpdk.git / blobdiff